
Roadmap of Cyber Security Analyst for beginners in 2022

  • Mohd Mudassir Ansari
  • Jul 16, 2022
  • 4 min read



Security Analyst


Security Operations is the discipline of ensuring that an organization's business is not interrupted, by detecting, preventing, protecting against, and responding to cybersecurity threats and attacks. It has several sub-branches, such as the Security Operations Center (SOC), the team that performs this work, and Security Information and Event Management (SIEM), the tooling that collects and correlates the events the team works from.



These are the most important topics you need to learn. Below I discuss each topic a Security Analyst should cover, so let's start:


  1. Threat Intelligence

  2. Reconnaissance and Intelligence Gathering

  3. Designing a Vulnerability Management Program

  4. Analyzing Vulnerability Scans

  5. Cloud Security

  6. Infrastructure Security and Controls

  7. Identity and Access Management Security

  8. Software and Hardware Development Security

  9. Security Operations and Monitoring

  10. Building an Incident Response Program

  11. Analyzing Indicators of Compromise

  12. Performing Forensic Analysis and Techniques

  13. Containment, Eradication, and Recovery

  14. Risk Management

  15. Policy and Compliance


1)-Threat Intelligence


Security professionals need to fully understand threats in order to prevent them or to limit their impact. In this chapter, you will learn about the many types of threat intelligence, including sources and means of assessing the relevance and accuracy of a given threat intelligence source. You'll also discover how to use threat intelligence in your organization.


Resource book: The Threat Intelligence Handbook

This book is available as a free PDF on the Internet; you can download it.



2)-Reconnaissance and Intelligence Gathering


Gathering information about an organization and its systems is one of the things that both attackers and defenders do. In this chapter, you will learn how to acquire intelligence about an organization using popular tools and techniques. You will also learn how to limit the impact of intelligence gathering performed against your own organization.



3)-Designing a Vulnerability Management Program


Managing vulnerabilities helps to keep your systems secure. In this chapter, you will learn how to identify, prioritize, and remediate vulnerabilities using a well-defined workflow and continuous assessment methodologies.



4)-Analyzing Vulnerability Scans


Vulnerability reports can contain huge amounts of data about potential problems with systems. In this chapter, you will learn how to read and analyze a vulnerability scan report, what CVSS scoring is and what it means, as well as how to choose the appropriate actions to remediate the issues you have found. Along the way, you will explore common types of vulnerabilities and their impact on systems and networks.


5)-Cloud Security


The widespread adoption of cloud computing dramatically impacts the work of cybersecurity analysts who must now understand how to gather, correlate, and interpret information coming from many different cloud sources. In this chapter, you'll learn about how cloud computing impacts businesses and how you can perform threat management in the cloud.


6)-Infrastructure Security and Controls


A strong security architecture requires layered security procedures, technology, and processes to provide defense in depth, ensuring that a single failure won't lead to a total failure of the defenses. In this chapter, you will learn how to design a layered security architecture and how to analyze security designs for flaws, including single points of failure and gaps.



7)-Identity and Access Management Security


The identities that we rely on to authenticate and authorize users, services, and systems are a critical layer in a defense-in-depth architecture. This chapter explains identity, authentication, and authorization concepts and systems. You will learn about the major threats to identity and identity systems as well as how to use identity as a defensive layer.



8)-Software and Hardware Development Security


Creating, testing, and maintaining secure software, from simple scripts to complex applications, is critical for security analysts. In this chapter, you will learn about the software development life cycle, including different methodologies, testing and review techniques, and how secure software is created. In addition, you will learn about industry standards for secure software to provide you with the foundation you need to help keep applications and services secure. You'll also learn about tools and techniques you can use to protect hardware in your organization, including hardware assurance best practices.


9)-Security Operations and Monitoring


Monitoring systems, devices, and events throughout an organization can be a monumental task. Security logs can be an invaluable resource for security analysts, allowing detection of misuse and compromise, but they can also bury important information in mountains of operational data. In this chapter, you'll learn how to analyze data from many diverse sources. You'll learn about techniques including email header analysis, rule writing for event management systems, and basic scripting and query writing.
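As an added illustration of the "rule writing" and "basic scripting" side of this chapter (this is not code from the original post), the following script parses a handful of constructed sshd syslog lines and applies one simple detection rule: a source that produces five or more failed logins within sixty seconds is flagged, and a successful login from that source while the burst is still inside the window is flagged separately, because that is the case an analyst actually has to act on. The host name, IPs and usernames in `SAMPLE_LOG` are constructed.

```python
"""Added example: a minimal brute-force detection rule over constructed sshd lines."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in syslog format (not from any real system).
SAMPLE_LOG = """\
Jul 16 10:00:01 bastion sshd[2011]: Failed password for invalid user admin from 203.0.113.9 port 50122 ssh2
Jul 16 10:00:03 bastion sshd[2012]: Failed password for root from 203.0.113.9 port 50123 ssh2
Jul 16 10:00:04 bastion sshd[2013]: Failed password for invalid user test from 203.0.113.9 port 50124 ssh2
Jul 16 10:00:06 bastion sshd[2014]: Failed password for oracle from 203.0.113.9 port 50125 ssh2
Jul 16 10:00:07 bastion sshd[2015]: Failed password for invalid user guest from 203.0.113.9 port 50126 ssh2
Jul 16 10:00:09 bastion sshd[2016]: Accepted password for backup from 203.0.113.9 port 50127 ssh2
Jul 16 10:05:00 bastion sshd[2020]: Failed password for alice from 198.51.100.7 port 40000 ssh2
Jul 16 10:20:00 bastion sshd[2021]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Jul 16 10:20:30 bastion sshd[2022]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
"""

# One regex for both outcomes; "invalid user " is optional because sshd only
# prints it when the account does not exist.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_line(line, year=2022):
    """Return a dict for an auth event, or None for lines the rule ignores.
    Syslog timestamps carry no year, so the caller supplies it."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime("%d %s" % (year, m.group("ts")), "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m.group("result"),
            "user": m.group("user"), "src": m.group("src")}


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Sliding-window rule per source IP. Returns a list of
    (alert_type, src, timestamp) tuples, one BRUTE_FORCE alert per source."""
    recent_failures = defaultdict(deque)  # src -> timestamps of recent failures
    already_alerted = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        q = recent_failures[ev["src"]]
        # Drop failures that have aged out of the window before judging this event.
        while q and (ev["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if ev["result"] == "Failed":
            q.append(ev["ts"])
            if len(q) >= threshold and ev["src"] not in already_alerted:
                already_alerted.add(ev["src"])
                alerts.append(("BRUTE_FORCE", ev["src"], ev["ts"]))
        elif len(q) >= threshold:
            # A success right after a burst of failures is the high-priority case.
            alerts.append(("SUCCESS_AFTER_BURST", ev["src"], ev["ts"]))
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(*alert)
```

The same rule expressed in a SIEM's query language is usually a count of failures grouped by source over a time bucket; writing it as a script first makes the threshold and window explicit, which is exactly what has to be tuned so that a single user mistyping a password (the 198.51.100.7 lines) does not page anyone.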



10)-Building an Incident Response Program


You will learn the details of each stage of incident handling, from preparation, to detection and analysis, to containment, eradication, and recovery, to the final post-incident activity, as well as how to classify incidents and communicate about them.



11)-Analyzing Indicators of Compromise


Responding appropriately to an incident requires understanding how incidents occur and what symptoms may indicate that an event has occurred. To do that, you also need the right tools and techniques. In this chapter, you will learn about three major categories of symptoms. First, you will learn about network events, including malware beaconing, unexpected traffic, and link failures, as well as network attacks. Next, you will explore host issues, ranging from system resource consumption issues to malware defense and unauthorized changes. Finally, you will learn about service- and application-related problems.
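The "malware beaconing" network symptom mentioned above is one of the few that can be spotted from connection metadata alone, so here is an added example (not from the original post) that scores each source/destination pair in a set of constructed flow records by how regular the gaps between its connections are. The hosts, addresses and timings in `FLOWS` are constructed; the thresholds are assumptions to be tuned per environment.

```python
"""Added example: flag periodic outbound connections (beaconing) in flow records."""
import statistics
from collections import defaultdict

# Constructed records: (epoch seconds, src, dst, bytes). Not from any real network.
FLOWS = []
# Host A contacts one external address every 60 s with +-2 s jitter, small payloads.
for i, jitter in enumerate([0, 1, -1, 2, 0, -2, 1, 0, -1, 1]):
    FLOWS.append((1657965600 + 60 * i + jitter, "10.0.0.5", "203.0.113.50", 512))
# Host A also browses a web server at irregular, human-like intervals.
for t in [3, 17, 19, 95, 140, 300, 303, 610, 800, 1234]:
    FLOWS.append((1657965600 + t, "10.0.0.5", "198.51.100.20", 4096))
# Host B performs a single large backup transfer.
FLOWS.append((1657965700, "10.0.0.8", "10.0.0.9", 10_000_000))


def beacon_candidates(flows, min_connections=8, max_cv=0.1):
    """Return [(src, dst, mean_gap_seconds, cv)] for pairs whose inter-arrival
    times are nearly constant. cv = stdev / mean of the gaps, so 0 is perfectly
    periodic; human browsing produces values well above 1."""
    by_pair = defaultdict(list)
    for ts, src, dst, _ in flows:
        by_pair[(src, dst)].append(ts)
    results = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_connections:
            continue  # too few samples to call anything periodic
        times.sort()
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean == 0:
            continue  # all connections in the same second: a burst, not a beacon
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            results.append((src, dst, round(mean, 1), round(cv, 3)))
    return results


if __name__ == "__main__":
    for src, dst, period, cv in beacon_candidates(FLOWS):
        print("possible beacon: %s -> %s every ~%ss (cv=%s)" % (src, dst, period, cv))
```

Regularity on its own is a weak indicator: NTP, monitoring agents and update checkers are all periodic, so in practice this score is combined with destination reputation, payload size and an allow-list of known periodic services before it becomes an alert rather than a lead.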


12)-Performing Forensic Analysis and Techniques


Understanding what occurred on a system, device, or network, either as part of an incident or for other purposes, frequently involves forensic analysis. In this chapter, you will learn how to build a forensic capability and how the key tools in a forensic toolkit are used.


13)-Containment, Eradication, and Recovery


Once an incident has occurred and the initial phases of incident response have taken place, you will need to work on recovering from it. That process involves containing the incident to ensure that no further issues occur and then working on eradicating malware, rootkits, and other elements of a compromise. Once the incident has been cleaned up, the recovery stage can start, including reporting and preparation for future issues.



14)-Risk Management


Here we look at the big picture of cybersecurity in a large organization. How do we evaluate and manage risks to ensure that we're spending our limited time and money on the controls that will have the greatest effect? That's where risk management comes into play.



15)-Policy and Compliance


Policy provides the foundation of any cybersecurity program, and building an effective set of policies is critical to a successful program. In this chapter, you will acquire the tools to build a standards-based set of security policies, standards, and procedures. You will also learn how to leverage industry best practices by using guidelines and benchmarks from industry experts.



This roadmap will help your Security Analyst career, and I have clearly discussed how to crack the CompTIA CySA+ certification.


Thanks For Reading.



ABOUT FEEDs & GRIDs

Hello, I am a Cybersecurity Researcher and SOC Analyst. I have passed the CompTIA Security+, eJPT and PNPT certifications. I currently find vulnerabilities like XSS, SQL injection, HTML injection and open redirect in the Qwant private search engine. My YesWeHack rank is 456.
